Sciweavers

CHES
2007
Springer

Collision Attacks on AES-Based MAC: Alpha-MAC

14 years 6 months ago
Collision Attacks on AES-Based MAC: Alpha-MAC
Message Authentication Code construction Alred and its AES-based instance Alpha-MAC were introduced by Daemen and Rijmen in 2005. We show that under certain assumptions about its implementation (namely that keyed parts are perfectly protected against side-channel attacks but bulk hashing rounds are not) one can efficiently attack this function. We propose a side-channel collision attack on this MAC recovering its internal state just after 29 measurements in the known-message scenario which is to be compared to 40 measurements required by collision attacks on AES in the chosen-plaintext scenario. Having recovered the internal state, we mount a selective forgery attack using new 4 to 1 round collisions working with negligible memory and time complexity.
Alex Biryukov, Andrey Bogdanov, Dmitry Khovratovic
Added 07 Jun 2010
Updated 07 Jun 2010
Type Conference
Year 2007
Where CHES
Authors Alex Biryukov, Andrey Bogdanov, Dmitry Khovratovich, Timo Kasper
Comments (0)